Professional Documents
Culture Documents
Information Security
Information Security
Information Security
Vilas S. Bagad
M.E. (E&Tc), Microwaves
M.M.S. (Information systems)
Faculty, Institute of Telecommunication Management,
Ex-Faculty, Sinhgad College of Engineering, Pune
Iresh A. Dhotre
M.E. (Information Technology)
Ex-Faculty, Sinhgad College of Engineering,
Pune.
® ®
TECHNICAL
PUBLICATIONS
SINCE 1993 An Up-Thrust for Knowledge
(i)
Information Security
Published by :
® ®
Amit Residency, Office No.1, 412, Shaniwar Peth,
TECHNICAL Pune - 411030, M.S. INDIA, Ph.: +91-020-24495496/97
PUBLICATIONS
SINCE 1993 An Up-Thrust for Knowledge Email : sales@technicalpublications.org Website : www.technicalpublications.org
Printer :
Yogiraj Printers & Binders
Sr.No. 10/1A,
Ghule Industrial Estate, Nanded Village Road,
Tal. - Haveli, Dist. - Pune - 411041.
ISBN 978-93-5585-039-3
Authors
V. S. Bagad
I. A. Dhotre
Dr. Swati Nikam
Dedicated to God.
(iii)
Syllabus
Information Security - 310254(A)
Credit : Examination Scheme :
Mid-Sem (TH) : 30 Marks
03
End-Sem (TH) : 70 Marks
(iv)
Table of Contents
Unit I
Chapter - 1 Introduction to Information Security (1 - 1) to (1 - 22)
1.1 Foundations of Security .................................................................................. 1 - 2
1.2 Computer Security Concepts .......................................................................... 1 - 2
1.2.1 Basic Terminologies in Security .................................................................... 1 - 3
1.2.2 Categories ..................................................................................................... 1 - 4
1.2.3 Techniques.................................................................................................... 1 - 4
1.2.4 Elements of Information Security ................................................................. 1 - 5
1.2.5 Threats and Vulnerability ............................................................................. 1 - 7
1.3 The OSI Security Architecture ......................................................................... 1 - 8
1.3.1 Vulnerabilities in OSI Model ......................................................................... 1 - 8
1.4 Security Attacks............................................................................................. 1 - 10
1.4.1 Passive Attack ............................................................................................. 1 - 11
1.4.2 Active Attack ............................................................................................... 1 - 12
1.4.3 Difference between Passive and Active Attack .......................................... 1 - 15
1.5 Security Services ........................................................................................... 1 - 15
1.6 Security Mechanism ...................................................................................... 1 - 17
1.6.1 Security Policy ............................................................................................. 1 - 18
1.7 A Model for Network Security ...................................................................... 1 - 19
1.8 Multiple Choice Questions with Answers ..................................................... 1 - 20
Unit II
Chapter - 2 Symmetric Key Cryptography (2 - 1) to (2 - 52)
2.1 Introduction to Symmetric Key Cryptography ................................................ 2 - 2
2.1.1 Advantages of Symmetric Key Cryptography .............................................. 2 - 3
2.1.2 Disadvantages of Symmetric Key Cryptography .......................................... 2 - 4
(v)
2.2 Cryptography................................................................................................... 2 - 4
2.2.1 Linear Cryptanalysis ..................................................................................... 2 - 5
2.2.2 Differential Cryptanalysis ............................................................................. 2 - 6
2.2.3 Difference between Linear and Difference Cryptanalysis ........................... 2 - 7
2.3 Stream Ciphers ................................................................................................ 2 - 7
2.3.1 Advantages and Disadvantages of Stream Cipher ....................................... 2 - 8
2.3.2 Comparison between Stream and Block Cipher .......................................... 2 - 8
2.4 Substitution Techniques ................................................................................. 2 - 9
2.4.1 Caesar Cipher .............................................................................................. 2 - 9
2.4.2 Monoalphabetic Cipher ............................................................................. 2 - 10
2.4.3 Playfair Cipher............................................................................................ 2 - 10
2.4.4 Hill Cipher................................................................................................... 2 - 11
2.4.5 Polyalphabetic Substitution ....................................................................... 2 - 12
2.4.6 One Time Pad............................................................................................. 2 - 14
2.4.7 Feistel Cipher ............................................................................................. 2 - 14
2.4.8 Comparison between Monoalphabetic and Polyalphabetic Cipher .......... 2 - 17
2.5 Transposition Techniques ............................................................................. 2 - 20
2.5.1 Comparison of Substitution and Transposition Ciphers ............................. 2 - 21
2.6 Block Ciphers ................................................................................................. 2 - 23
2.6.1 Advantages and Disadvantage of Block Cipher ......................................... 2 - 24
2.7 Block Cipher Modes of Operation................................................................. 2 - 24
2.8 Simple DES .................................................................................................... 2 - 29
2.9 Data Encryption Standard ............................................................................. 2 - 33
2.9.1 Details of Single Round .............................................................................. 2 - 35
2.9.2 Key Generation .......................................................................................... 2 - 39
2.9.3 DES Encryption ........................................................................................... 2 - 39
2.9.4 DES Decryption .......................................................................................... 2 - 41
2.9.5 DES Weak Keys........................................................................................... 2 - 41
2.9.6 Advantages of DES ..................................................................................... 2 - 41
2.9.7 Disadvantages of DES................................................................................. 2 - 42
(vi)
2.9.8 Block Cipher Design Principles ................................................................... 2 - 42
2.9.9 Double DES ................................................................................................ 2 - 43
2.9.10 Triple DES .................................................................................................... 2 - 44
2.10 Confusion and Diffusion ................................................................................ 2 - 45
2.10.1 Distinguish between Diffusion and Confusion .............................................. 2 - 46
2.11 Advanced Encryption Standard..................................................................... 2 - 46
2.11.1 Evaluation Criteria for AES ............................................................................ 2 - 46
2.11.2 AES Cipher ..................................................................................................... 2 - 47
2.11.3 Comparison between AES and DES ............................................................... 2 - 49
2.12 Multiple Choice Questions with Answers ..................................................... 2 - 50
Unit III
Chapter - 3 Asymmetric Key Cryptography (3 - 1) to (3 - 56)
3.1 Number Theory ............................................................................................... 3 - 2
3.1.1 Divisibility ..................................................................................................... 3 - 2
3.1.2 Prime Number.............................................................................................. 3 - 2
3.1.2.1 Relatively Prime Numbers.............................................................................. 3 - 3
(vii)
3.8.1 Attacks on RSA ........................................................................................... 3 - 23
3.8.1.1 Computing (n) ....................................................................................... 3 - 23
(viii)
4.4.3 Comparison between MD5 and SHA ......................................................... 4 - 17
4.5 Message Authentication Codes .................................................................... 4 - 18
4.5.1 Message Authentication Requirements .................................................... 4 - 19
4.5.2 Application of MAC .................................................................................... 4 - 19
4.5.3 MAC based on DES..................................................................................... 4 - 20
4.6 Digital Signatures .......................................................................................... 4 - 21
4.6.1 Arbitrated Digital Signatures ..................................................................... 4 - 21
4.6.2 Direct Digital Signature .............................................................................. 4 - 22
4.6.3 Digital Signature Standard ......................................................................... 4 - 23
4.6.4 Digital Signature Algorithm........................................................................ 4 - 24
4.7 PKI ................................................................................................................. 4 - 25
4.7.1 Benefits and Limitation of PKI ..................................................................... 4 - 27
4.7.2 Certificate .................................................................................................... 4 - 27
4.8 X.509 Certificate ............................................................................................ 4 - 29
4.8.1 X.509 Format of Certificate........................................................................ 4 - 30
4.8.2 Obtaining User’s Certificate ....................................................................... 4 - 31
4.8.3 Revocation of Certificates .......................................................................... 4 - 32
4.8.4 Authentication Procedures ........................................................................ 4 - 32
4.8.5 Digital Certificate ....................................................................................... 4 - 33
4.9 Web Security Issues ...................................................................................... 4 - 35
4.9.1 Transport Layer Security (TLS) ................................................................... 4 - 36
4.9.2 Comparison between IPsec and TLS .......................................................... 4 - 38
4.10 HTTPS ............................................................................................................ 4 - 38
4.11 SSH ................................................................................................................ 4 - 40
4.12 Email Security ................................................................................................ 4 - 44
4.12.1 IPv4 Header Format .................................................................................... 4 - 44
4.13 IP Security...................................................................................................... 4 - 47
4.13.1 IP Security Architecture .............................................................................. 4 - 47
4.13.2 IPSec Document .......................................................................................... 4 - 47
4.13.3 IPSec Services.............................................................................................. 4 - 48
(ix)
4.13.4 Security Association .................................................................................... 4 - 49
4.13.5 SA Parameters ............................................................................................ 4 - 50
4.13.6 Transport Mode .......................................................................................... 4 - 50
4.13.7 Tunnel Mode............................................................................................... 4 - 51
4.13.8 Application of IPSec .................................................................................... 4 - 52
4.13.9 Benefits of IPSec ......................................................................................... 4 - 52
4.14 Authentication Header.................................................................................. 4 - 52
4.14.1 AH Transport Mode .................................................................................... 4 - 54
4.14.2 AH Tunnel Mode ......................................................................................... 4 - 54
4.15 ESP ................................................................................................................. 4 - 55
4.15.1 ESP Format .................................................................................................. 4 - 55
4.15.2 Encryption and Authentication Algorithms ................................................ 4 - 55
4.15.3 Padding ....................................................................................................... 4 - 56
4.15.4 Comparison between AH and ESP .............................................................. 4 - 56
4.16 Multiple Choice Questions with Answers ..................................................... 4 - 56
Unit V
Chapter - 5 Network and System Security (5 - 1) to (5 - 42)
5.1 Access Control ................................................................................................. 5 - 2
5.1.1 Discretionary Access Control (DAC) .............................................................. 5 - 2
5.1.1.1 Drawbacks of DAC .......................................................................................... 5 - 2
(x)
5.3 Intrusion Detection ......................................................................................... 5 - 9
5.3.1 Prevention ................................................................................................. 5 - 10
5.3.2 Detection .................................................................................................... 5 - 11
5.3.3 Function and Strength of IDS ...................................................................... 5 - 11
5.3.4 Types of IDS ................................................................................................ 5 - 12
5.3.4.1 Anomaly Detection ...................................................................................... 5 - 12
(xi)
5.9 Concepts of Trusted System ......................................................................... 5 - 36
5.10 Trusted Computing ....................................................................................... 5 - 37
5.10.1 Software Reverse Engineering .................................................................... 5 - 38
5.10.2 Digital Rights Management ........................................................................ 5 - 39
5.11 Multiple Choice Questions with Answers ..................................................... 5 - 40
Unit VI
Chapter - 6 Cyber Security and Tools (6 - 1) to (6 - 40)
6.1 Introduction .................................................................................................... 6 - 2
6.1.1 Cybersqatting ................................................................................................ 6 - 3
6.1.2 Cyber Terrorism ............................................................................................ 6 - 4
6.1.3 Cybercrime against Property ........................................................................ 6 - 5
6.2 Cybercrime and Information Security ............................................................. 6 - 7
6.2.1 Types of Cyber Crimes .................................................................................. 6 - 8
6.2.2 Information Security Life Cycles ................................................................... 6 - 9
6.2.3 Botnets........................................................................................................ 6 - 10
6.2.4 Zombie ........................................................................................................ 6 - 12
6.3 Classification of Cybercrimes ........................................................................ 6 - 13
6.4 The Legal Perspectives - Indian Perspective ................................................. 6 - 16
6.4.1 Indian IT Act ................................................................................................ 6 - 17
6.4.2 Cyber Laws and Crimes as per the Indian IT Act ......................................... 6 - 19
6.4.3 Advantages of Cyber Law ........................................................................... 6 - 19
6.4.4 A Global Perspective on Cybercrimes ........................................................ 6 - 20
6.5 Categories of Cybercrime.............................................................................. 6 - 21
6.6 Social Engineering ......................................................................................... 6 - 21
6.7 Cyber Stalking................................................................................................ 6 - 23
6.7.1 Motivates of Cyber Stalker ......................................................................... 6 - 25
6.7.2 Types of Stalkers ......................................................................................... 6 - 25
6.7.3 Typology of Cyber Stalking ......................................................................... 6 - 27
6.7.4 Types of Stalkers ......................................................................................... 6 - 27
(xii)
6.7.5 Investigating Cyber Stalking........................................................................ 6 - 28
6.8 Proxy Servers ................................................................................................ 6 - 29
6.9 Anonymizers.................................................................................................. 6 - 30
6.10 Phishing ......................................................................................................... 6 - 30
6.10.1 Phishing Attacks .......................................................................................... 6 - 32
6.10.2 Buffer Overflow .......................................................................................... 6 - 33
6.10.2.1 Exploitation ................................................................................................ 6 - 35
(xiii)
Notes
(xiv)
TM
Secure
Integrity
Availability
Opponent Read content of
message from sender
to receiver
nternet
Sender Receiver
hp
nternet
Sender
Receiver
hp
nternet
Sender Receiver
hp
nternet
Sender Receiver
hp
Opponent modifies
Opponent message from sender
to receiver
hp hp
nternet
Sender Receiver
hp
Disrupts service
provided by server
hp hp
nternet
Source Server
system
hp
Target
system
Sender Receiver
Transformation Transformation
K
Secure channel
Key
source
P1 P2 C1 C2
2 38
2 47
Key stream
Ciphertext
Plaintext
Pay 150/-
K 1 , K 2 , K 3 ....... Ki
P1 , P2 , P 3 ....... Pi
Ci Pi Ki
Pi Ci Ki
C1 K 11 K 12 K 13 P1
C2 K 21 K 22 K 23 P2
C K K 32 K 33 P
3 31 3
17 17 5
21 18 21
2 2 19
17 17 5 15
21 18 21 0
2 2 19 24
375 11
819 13
486 18
Plaintext (2w bits)
Key
L1 R1
Round i Ki
Li Ri
Round n Kn
Ln Rn
Ln+1 Rn+1
RE 0 LE 0
ki ki
17 17 5
21 18 21
2 2 19
17 17 5
21 18 21
2 2 19
15 15 375 11
0 0 819 13
24 24 486 18
2
14
4
0 13 14
19 6 4
17 1 25
0 13 14 2
19 6 4 14 mod 26
17 1 25 4
238 4
138 mod 26 8
148 18
0 13 14
19 6 4
17 1 25
4 4 8
18 13 0
18 19 11
K P mod 26
0 13 14 4 4 8
19 6 4 18 13 0 mod 26
17 1 25 18 19 11
18 19 24
22 22 14 mod 26
16 10 21
S T Y
W W D mod 26
Q K V
227
16
EK
Co EK ( m o I )
Ci E K ( mi C i 1 )
Time = 1 Time = 2 Time = N
P1 P2 PN
K K K
Encrypt Encrypt Encrypt
C1 C2 Encryption CN
C1 C2 CN
K K K
Decrypt Decrypt Decrypt
P1 P2 Decryption PN
Ci E k (Pi C i 1 )
Pi C i 1 D k (C i )
P0 P1 P2 C0 C1 C2
IV + + +
Key D D D Decryption
Encryption box
Key E E E box
+ + + Exclusive
IV
OR
C0 C1 C2 P0 P1 P2
Encryption Decryption
Plaintext
Ciphertext
K
Key Encrypt Decrypt
Ki Select discard
P1 + +
Ciphertext Plaintext
Counter Counter 1
P1 + P2 +
C1 C2
(a) Encryption
Counter Counter 1
C1 + C2 +
P1 P2
(b) Decryption
b 1 b 2 b3 b 4 b 5 b 6 b7 b 8
k 1 k 2 k 3 k 4 k 5 k 6 k 7 k 8 k 9 k 10
K1 K2
K1 S1
K2 S2 S1
LS 1 LS 2
k 1 k 2 k 3 k 4 k 5 k 6 k 7 k 8 k 9 k 10 k 3 k 5 k 2 k 7 k 4 k 10 k 1 k 9 k 8 k 6
LS 1
LS 2
K1 K2
IP 1 fK 2 fK 1
IP 1
fK
fK FK
FK
b1 b2 b 3b4 b 1b 4 , b 2 b 3
L 0 R0 L0
R0 i th
L i1 Ri1 L i Ri Ki
Li–1 Ri–1
f Ki
Li Ri
i th
Li Ri 1 R i L i 1 f(R i 1 , K i )
Ln Rn
Rn Ln
K1 , K 2 Kn
Kn Kn1 K1
f(R i 1 , K i ) f(Ri 1 , Ki )
Ri–1
E(Ri–1)
Ki
4 bits 4 bits
S1 S2
f(Ri–1, Ki)
f (R i 1, k i)
1 2 3 4 5 6
1 2 4 3 4 3 5 6
E(Ri 1 )
Ki
f(Ri 1 , Ki )
6 th
f ( R i 1 , K i )
Plain text (64 bit) Key (64 bit)
64 56
48 56
Permuted Left circular
Round 1
choice 2 shift
K1
64 56
48 56
Round 2 Permuted Left circular
choice 2 shift
K2
48 56
Permuted Left circular
Round 16
choice 2 shift
K16
32 bit swap
64
Inverse initial
permutation
Li – 1 Ri – 1 Ci – 1 Di – 1
F 48
Permutation /
XOR Ki
contraction
48
Substitution / choice
(S-box)
32
Permutation
(P)
32
XOR
Li Ri Ci Di
R (32 bits)
S1 S2 S3 S4 S5 S6 S7 S8
32 bits
b1 b2 b3 b4 b5 b6
4 bit column
number
2 bit row
number
L R
R L ( ) f (R, K)
L0 R0
L n 1 R n 1 Kn n
Ln R n 1
Rn L n 1 R n 1 K n
R 16 L 16
Key
Permuted
choice 1
C0 D0
Left Left
shift shift
C1 D1
Permuted K1
choice 2
Left Left
shifts shifts
CN DN
Permuted KN
choice 2
Left Left
shifts shifts
C16 D16
Permuted K16
choice 2
Kn
Kn
Kn
R 10 L 10 K 10
K 10
E K 2 (E K 1 (P))
D K 1 (D K 2 (C))
E K 2 (E K 1 (P))
Encryption Decryption
64-bit 64-bit
plaintext (P) plaintext (P)
K1
DES reverse
DES cipher
cipher
K2
DES reverse
DES cipher
cipher
C = E K 3 [D K 2 [E K 1 [P]]]
Plaintext
Ciphertext
Plaintext Plaintext
Key
Round 10
Substitute bytes Expand key nverse sub bytes
Round 9
nverse sub bytes
Substitute bytes
Shift rows
Round 9
Ciphertext Ciphertext
(a) Encryption (b) Decryption
TM
p a1 1 p a2 2 p a3 3 ........ p at t
p 1 p 2 .... p t
ap
p
p
PE
1 i j n
22 51
22 2 1 1 22 1 2
51 5 1 4 51 1 1
97
1081.1 322
322.3 115
115.2 92
92.1 23
23.4 0
20 2 10
10 2 0
20 52
a p–1
ap
a (n)
(n)
(n)
{x 1 , x 2 , x (n) }
(n)
(n) (n)
(ax i mod n) xi
i 1 i 1
(n) (n)
ax i x i (mod n)
i 1 i 1
(n) (n)
a (n) x i x i (mod n)
i 1 i 1
a (n) 1
a2
a2
2k
aq aq aq 1
K 1q
a2
2j 1q 2j 1q
a a
Z 10
m 1 m 2 m 3 ... m k mi ' s
gcd (m i , m j ) 1 i j k
(a 1 , a 2 , ... a k ) Z m , a i Z mi ai mi 1 i k
ZM
Z m1 Z m2 ... Z mk
(a 1 , a 2 , ... a k ) ai mi
(a 1 , a 2 , ... a k ) ZM
(a 1 , a 2 , ... a k )
(a 1 , a 2 , ... a k )
Mi M mi M i m 1 m 2 ... m i 1 ... m k
Mi mj
ci Mi (M i 1 mod m i )
(a 1 c 1 a 2 c 2 ... a k c k )
ai mi c j M j 0 (mod m i ) c i 1 (mod m i )
ZM
A (a 1 , a 2 , ... a k ) B (b 1 , b 2 , ... b k )
((a 1 b 1 ) mod m 1 , ... (a k b k ) mod m k )
((a 1 b 1 ) mod m 1 , ... (a k b k ) mod m k )
((a 1 b 1 ) mod m 1 , ... (a k b k ) mod m k )
nt 1 (mod m)
x bms b (mod n)
x1 x x 1 (mod m) x x 1 (mod n) x1
x1 x x1
x x 1 (mod mn)
x 80 7 15
80 5 (mod 15)
n1 n2 n3
–1
f x1 x2 x3
N1 n2 n 3
N2 n1 n 3
N3 n1 n 2
v 1 (N 1 ) –1 42 –1 2 –1 3 (mod 5)
v 2 (N 2 ) –1 35 –1 5 –1 5 (mod 6)
v 3 (N 3 ) –1 30 –1 2 –1 4 (mod 7)
a 1 v 1 N 1 a 2 v 2 N 2 a 133 N 3
n1 n2 n3
n1 n2 n 3
c1 c2 c3
N1 N n1
N1 35 1
N2 N n2 21 1
N3 N n3 15 1
c a c b
d c
a 3 b 0.
q 1 b r1 ,
q 2 r1 r2
q 3 r2 r 3 ,
q i 2 ri 1 ri 2 ,
1 * 87 38
2 * 38 11
3 * 11 5
2*5 1
5 *1
q 1 b r1 ,
q 2 r1 r2 ,
q 3 r2 r 3 ,
q i 2 ri 1 ri 2,
q k rk– 1 rk ,
q k 1 rk
rk –2 – q k rk– 1
rk– 2 – q k rk– 1
1 q k q k– 1 rk– 2 – q k rk– 3
a1 b1 a2 b2
r2 0 r2 4
a1 b 1 50
a1 b 1 q 1 r1
a2 b 2 10 b 2 q 2 r2
r2 0 r2 10
a (n)
(n)
am
(n)
71
72
73
74
75
7m
x log x (y)
log x (1)
log x (x)
log x (yz) log x (y) + log x (z)
log x (y r ) r log x (y)
ai
d log a, p (b)
dlog a, p (1) a0
dlog a, p (a) a1
x (mod n)
x log (mod n)
Zp
Zp
Z kp pk 1
x (mod n) x log (mod n)
x
a log
Suresh Tomy
Alice
Alice Alice
public private
key key
Transmitted
ciphertext
(a) Encryption
Bob
Bob's
Bob's public
private key key
Transmitted
ciphertext
(b) Authentication
<
X
Cryptanalyst
<
KRb
Message X Y X
Encrypt Decrypt Destination
source
KVb KRb
Source side X1 Destination side Y1
Key-pair
source
X (X 1 , X 2 , Xm )
KU b
KR b
Y1
KU b X1
Y1 , Y2 , Y 3 .... Yn
E KU b (X)
D KR b (Y)
KU b
KR b
(PU b )
PR b
(PU b )
p q
Me 27
Cd 128 343
n pq
(n)
(n) (n)
d e (n)
(n)
KU
KR
Pe
Cd
p q (n)
(n)
(n)
xy
d e (n) p ed P
C Pe
P Cd (P e ) d P ed
(n)
(n)
(n) (n)
(n)
p 2 (n (n) 1) p n
(n)
(n) e 1
(n)
(n)
(n)
(n)
( n)
19 23
(n)
(n) 18 22
(n)
(n)
1
3
(n)
(n)
ed (n)
7 d
Me
127
(n) 6 10
ed (n)
Me
25 17
cd
12 3
957
(n)
ed (n)
cd
11 23
p q 11 5
(n) (p 1) (q 1) 10 4
gcd( ( n), ( e)
e 1 (mod ( n))
d e 1 (mod ( n))
Me
93
cd
14 27
(n)
(n)
e– 1
e– 1
Me
(8) 17
(n)
Me (40) 23
( n)
( n)
Me
3 13
(P 1) (Q 1) (17 1) ( 27 1)
2 2 2 2 2 13
e d
5 d
PUa PUb
A PUa PUb B
PUa PUb
PUa PUb
Public key
directory
PUa PUb
A B
Public key
authority
1 E( 4
]) PR
Request || Time1 e1 Request || Time2
im au
||T th ,
e st [P
U
u
eq a ||
Re
| |R qu
b es
PU 2 5
t|
,[ |T
h
ut im
Ra e
E(P 2 ])
3 E(PUb, [IDA|| N1])
Initiator Responder
A B
6 E(PUa, [N1||N2])
7 E(PUa, N2)
Certificate
authority
]) C
PUa B =
|| E(
PUa PR PUb
DA
| |I au
th ,
e1 [Ti
m m
Ti e
,[ 2 ||
h
ut ID
PRa B
E( ||
1 CA PU
=
b ])
CA
A B
2 CB
|| ||
1 PUa || IDA
User User
A B
2 E(PUa,K)
1 E(PUb,[N1||IDA])
2 E(PUa,[N1||N2])
Initiator Responder
A B
3 E(PU ,N )
a 2
4 E(PUb, E(PRa,Ks))
Root CA
Marketing Engineering
Sales CA
CA CA
Subordinate Subordinate
CA CA Subordinate
CA
Certificate
issued by
Engineering CA
3 10 26
Data Cryptographic protection
||N 1
I D B
||
ID A
1
2 E(Ka, [Ks||IDA||IDB||N1])||E(Kb, [Ks, IDA])
3 E(Kb, [Ks||IDA])
A B
4 E(Ks, N2)
5 E(Ks, f(N2))
KDC
HOST HOST
Application Application
2 3
1
Security Security
service service
4
Network
1 IDA||N1
A B
2 E(MKm, [Ks||IDA||IDB||f(N1)||(N2)])
3 E(Ks, f(N2))
gk
g ab ga gb
ga gb
g ab (g b ) a
g ba (g a ) b
g ab g ba
XA
XB
(YB ) X B
(YA ) X B
(YB ) XA
( X B mod q XA mod q
( XA mod q X B mod q
(YA ) X B
XA
(3) 97
(1.9080 10 97 )
XB
( 3) 233
(1.4765 10 111 )
(YB ) XA ( 248) 97
(1.8273 10 232 )
(1.9053 10 373 )
XA (7) 5
XB (7) 12
(YB XA
( 4) 5
gx
Z *p
21
22
23
24
25
26
27
28
29
26
XA
YB (11) 6
YB
YB XA
36
XA
2 XA
2 X8
g x mod n 5 2 mod 11
g y mod n 5 3 mod 11
K1 B x mod n 4 2 mod 11
K1
K2 A y mod n 3 3 mod 11
K2
ga
c1 gk c 2 mb k
(c 1 , c 2 )
c 2 c 1 a
c 2 c 1 a mb k (g k ) a mb k (g a ) k (g k ) a
mg ak g ak
M1 M2
M1
M2
72
c1 c2
73 53
73 53
73 53
73 53
(2 n )
nA
PA nA E q (a, b)
nB PB
n A PB
n B PA
n A PB n A (n B G)
n B (n A G)
n B PA
PA n A G
{KG, Pm KPB }
TM
h1
hn1
Ci b i1 b i2 b im
Ci i th
bij i th j th
M1 , M2 , , MN
Ho
Hi E(M i , H i 1 )
HN
E K (x)
P1 ; P2 ; :::; PN
PN 1 P1 P2 PN
C 1 ; C 2 ; ::; C N 1
Cj E(K, [C j 1 Pj ])
P1 IV D(K, C 1 )
Pi C i 1 D(K, C i )
PN 1 C N D(K, C N 1 )
PN 1
PN 1 P1 P2 PN
[IV D(K, C 1 )] [C 1 D(K, C 2 )] [YC 1 D(K, C N )]
2 64
2 69 2 80
N 1024 bits
L bits
128 bits
Message 100.0 L
M1 M2 MN
V = 512 H1 H2
F + F + F + HN =
Ho hash
code
h ch(e, f, g) e W
512
1 t Kt
a Maj(a, b, c)
512
0
Mi
Hi–1
Message
schedule a b c d e f g h
W0 K0
Round 0
a b c d e f g h
Wt Kt
Round t
a b c d e f g h
W79 K79
Round 79
+ + + + + + + +
Hi
a b c d e f g h
maj ch +
+
+
+ wt
+ + + kt
a b c d e f g h
512 bits
Buffer #1
Input Output
Padding
message data
AXI-ST
AXI-ST
Buffer #2
Keccak-f
Buffer #n
Control
2 64
264 1
Pi D(K i , C) Ki Pi
Time = 1 Time = 2 Time = N–1 Time = N
D1
D2 DN–1 DN
64 bits
+ + +
O1
O2 ON–1 ON
64 bits
DAC
D1, D2 , D 3 , , DN
O1 E(K, D 1 )
O2 E(K, [D 2 O 1 ])
O3 E(K, [D 3 O 2 ])
ON E(K, [D N O N 1 ])
ON
|| M H
M PUG PUa
PRa s
r
PUG
Ver
H Sig
E Compare
K
II M H
M
Compare
H E E[PRa, H(m)] D
PRa PUa
p q g
f2 r
x q
K
f1 S
M
H
(a) Signing
y q g
M' H
q f4
S' f3
V
r' Compare
(b) Verifying
Root CA
Marketing Engineering
Sales CA
CA CA
Subordinate Subordinate
CA CA Subordinate
CA
Certificate
issued by
Engineering CA
Hash code
Unsigned certificate
generation
User ID,
User's public key H
Issuer name
Latest update
Next update
Revoked certificate
Revocation date
Signature
User User
A B
1
User User
A 2 B
User User
A 2 B
3
HTTP FTP SMTP S/MIME PGP SET
IPSec IP IP
TLS
TCP
IP
Server
Client
hp
Hello
Certificate
Secret key
End handshaking
End handshaking
Client machine
Web server
browser
TCP connect
SSL connect
Secure HTTP
Get transaction
SSH User authentication protocol SSH Connection protocol
Internet protocol
SSH client 1. Client initiates the connection by contacting server SSH server
hp
Payload
(may be compressed)
Random padding
MAC
Encryption
Compression
Architecture
ESP AH
protocol protocol
Encryption Authentication
algorithm algorithm
Domain of
interpretation
Key
management
0 8 16 31
Next header Payload length Reserved
Sequence number
Authentication data
P TCP Original data
header header
Sequence number
Payload data
Padding Next
Padding (0-255 bytes)
length header
Authentication data
(Variable size)
TM
Target
system
Slave
servers
LAN monitor
Host Host
Agent
module
Router
WAN Router
Manager
module
Central manager Host Host
LAN monitor
hp hp
To Internet
hp hp hp
Firewall
Corporate network
Packet
filtering
Internet router Private
network
Protected zone
Application level gateway
hp hp
TELNET
Outside Inside
connection FTP connection
SMTP
Outside host Inside host
HTTP
P Application gateway P
hp
packet packet hp
HTTP
SMTP
FTP
TELNET
Outer Inner
firewall firewall
hp
DMZ
Untrusted Trusted
semi-trusted
zone zone
zone
Bastion
host
hp hp
nternet
Packet
filtering
router hp hp
Private
Information network
server hosts
Bastion
host
hp hp
nternet
Packet
filtering
router hp hp
Private
Information network
server hosts
Bastion
host
hp
Private
nternet
network
Outside nside
router router
Information
server
Modem
IDS
Alert
Attack
packet
Internal
network
Border router
IPS Internet
Attack
packet
0 8 16 31
Next header Payload length Reserved
Sequence number
Authentication data
Forward engineering
Requirements Design
recovery recovery
Reverse engineering
Content Content
Content
owner usage
distribution
2. Policy
6. Rist analysis implementation
Security
life
cycle
5. Security 3. Monitor
assessment
4. Intrusion
detection
Typical Botnet
hp hp hp hp hp hp hp hp hp
ABC_bank.com
E-mail ABC_bank.com
172168254254
ABC_bank.com
17216811
www.ABC_bank.com
ph
Client
(a) Phishing
Attacker
ph
ABC_bank.com
g
nin
g
17216811 kin
iso
ban ABC_bank.com
po
ne
nli 172168254254
S
lo
DN
a
rm
ph No
Client
(b) Pharming
T.E. (Computer) Semester - VI (Elective - II) (As Per 2019 Pattern)
T.E. (Computer) Semester - VI (Elective - II) (As Per 2019 Pattern)
1
2
2
9 789355 850393
Made in India
TEXT BOOKS FOR T.E. (COMP) SEM VI
Compulsory Subjects
FE DECODE
SE A Guide for Engineering Students
TE PAPER SOLUTIONS
BE Covers Entire Syllabus Question Answer Format Exact Answers & Solutions
Important Points to Remember Important Formulae
For All Chapterwise Solved University Questions Last 10 Years Solved Papers
Branches
... Available at all Leading Booksellers ...